Exploits - Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers - 体验盒子

共24443Exploits

日期	标题	类型	平台	作者
2019-01-18	Joomla! Core 3.9.1 – Persistent Cross-Site Scripting in Global Configuration Textfilter Settings	webapps	php	Praveen Sutar
2019-01-18	Webmin 1.900 – Remote Command Execution (Metasploit)	remote	cgi	AkkuS
2019-01-18	SCP Client – Multiple Vulnerabilities (SSHtranger Things)	remote	multiple	Mark E. Haase
2019-01-18	Microsoft Edge Chakra – ‘InlineArrayPush’ Type Confusion	dos	windows	Google Security Research
2019-01-18	SeoToaster Ecommerce / CRM / CMS 3.0.0 – Local File Inclusion	webapps	php	Ihsan Sencan
2019-01-18	Microsoft Edge Chakra – ‘InitClass’ Type Confusion	dos	windows	Google Security Research
2019-01-18	Microsoft Edge Chakra – ‘NewScObjectNoCtor’ or ‘InitProto’ Type Confusion	dos	windows	Google Security Research
2019-01-18	phpTransformer 2016.9 – SQL Injection	webapps	php	Ihsan Sencan
2019-01-17	Oracle Reports Developer Component 12.2.1.3 – Cross-site Scripting	webapps	multiple	Mohamed M.Fouad
2019-01-17	Microsoft Windows CONTACT – Remote Code Execution	local	windows	hyp3rlinx
2019-01-17	Check Point ZoneAlarm 8.8.1.110 – Local Privilege Escalation	local	windows	Chris Anastasio
2019-01-16	Microsoft Windows 10 – ‘RestrictedErrorInfo’ Unmarshal Section Handle Use-After-Free	dos	windows	Google Security Research
2019-01-16	Microsoft Windows 10 – XmlDocument Insecure Sharing Privilege Escalation	local	windows	Google Security Research
2019-01-16	blueman – set_dhcp_handler D-Bus Privilege Escalation (Metasploit)	local	linux	Metasploit
2019-01-16	Blueimp’s jQuery File Upload 9.22.0 – Arbitrary File Upload Exploit	webapps	php	Larry W. Cashdollar
2019-01-16	Google Chrome V8 JavaScript Engine 71.0.3578.98 – Out-of-Memory in Invalid Array Length	dos	multiple	Bogdan Kurinnoy
2019-01-16	NTPsec 1.1.2 – ‘config’ (Authenticated) Out-of-Bounds Write Denial of Service (PoC)	dos	linux	Magnus Klaaborg Stubman
2019-01-16	Spotify 1.0.96.181 – ‘Proxy configuration’ Denial of Service (PoC)	dos	windows	Aaron V. Hernandez
2019-01-16	Coship Wireless Router 4.0.0.48 / 4.0.0.40 / 5.0.0.54 / 5.0.0.55 / 10.0.0.49 – Unauthenticated Admin Password Reset	webapps	hardware	Adithyan AK
2019-01-16	ShoreTel / Mitel Connect ONSITE 19.49.5200.0 – Remote Code Execution	webapps	php	twosevenzero
2019-01-16	GL-AR300M-Lite 2.27 – (Authenticated) Command Injection / Arbitrary File Download / Directory Traversal	webapps	hardware	Pasquale Turi
2019-01-16	Fortinet FortiGate FortiOS < 6.0.3 - LDAP Credential Disclosure	webapps	hardware	Julio Ureña
2019-01-16	NTPsec 1.1.2 – ‘ntp_control’ (Authenticated) NULL Pointer Dereference (PoC)	dos	linux	Magnus Klaaborg Stubman
2019-01-16	doorGets CMS 7.0 – Arbitrary File Download	webapps	php	Ihsan Sencan
2019-01-16	NTPsec 1.1.2 – ‘ntp_control’ Out-of-Bounds Read (PoC)	dos	linux	Magnus Klaaborg Stubman
2019-01-16	Roxy Fileman 1.4.5 – Arbitrary File Download	webapps	php	Ihsan Sencan
2019-01-16	WebKit JSC JIT – GetIndexedPropertyStorage Use-After-Free	dos	multiple	Google Security Research
2019-01-16	NTPsec 1.1.2 – ‘ctl_getitem’ Out-of-Bounds Read (PoC)	dos	linux	Magnus Klaaborg Stubman
2019-01-15	1Password < 7.0 - Denial of Service	dos	android	Valerio Brussani
2019-01-15	Microsoft Windows VCF – Remote Code Execution	local	windows	hyp3rlinx
2019-01-15	ownDMS 4.7 – SQL Injection	webapps	php	Ihsan Sencan
2019-01-14	ThinkPHP 5.X – Remote Command Execution	webapps	php	vr_system
2019-01-14	Microsoft Windows 10 – DSSVC MoveFileInheritSecurity Privilege Escalation	local	windows	Google Security Research
2019-01-14	Microsoft Windows 10 – Browser Broker Cross Session Privilege Escalation	local	windows	Google Security Research
2019-01-14	Microsoft Windows 10 – COM Desktop Broker Privilege Escalation	local	windows	Google Security Research
2019-01-14	Find a Place CMS Directory 1.5 – SQL Injection	webapps	php	Ihsan Sencan
2019-01-14	i-doit CMDB 1.12 – SQL Injection	webapps	php	Ihsan Sencan
2019-01-14	AudioCode 400HD – Command Injection	webapps	cgi	Sysdream
2019-01-14	i-doit CMDB 1.12 – Arbitrary File Download	webapps	php	Ihsan Sencan
2019-01-14	Dokany 1.2.0.1000 – Stack-Based Buffer Overflow Privilege Escalation	local	windows	Parvez Anwar
2019-01-14	Cleanto 5.0 – SQL Injection	webapps	php	Ihsan Sencan
2019-01-14	Across DR-810 ROM-0 – Backup File Disclosure	webapps	hardware	SajjadBnd
2019-01-14	Microsoft Windows 10 – SSPI Network Authentication Session 0 Privilege Escalation	local	windows	Google Security Research
2019-01-14	HealthNode Hospital Management System 1.0 – SQL Injection	webapps	php	Ihsan Sencan
2019-01-14	Hucart CMS 5.7.4 – Cross-Site Request Forgery (Add Administrator Account)	webapps	php	AllenChen
2019-01-14	Lenovo R2105 – Cross-Site Request Forgery (Command Execution)	webapps	hardware	Nathu Nandwani
2019-01-14	Craigs Classified Ads CMS Theme 1.0.2 – SQL Injection	webapps	php	Ihsan Sencan
2019-01-14	Horde Imp – ‘imap_open’ Remote Command Execution	webapps	php	Paolo Serracino, Pietro Minniti, Damiano Proietti
2019-01-14	Hootoo HT-05 – Remote Code Execution (Metasploit)	remote	hardware	Andrei Manole
2019-01-14	Live Call Support Widget 1.5 – Cross-Site Request Forgery (Add Admin)	webapps	php	Ihsan Sencan